CVSS: 5.0EPSS: 4%CPEs: 16EXPL: 0CVE-2006-3490
https://notcve.org/view.php?id=CVE-2006-3490
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. F-Secure Anti-Virus 2003 a 2006 y otras versiones, Internet Security 2003 a 2006 y Service Platform for Service Providers 6.x y anteriores no escanean archivos ubicados en medios extraíbles cuando la opción "Escanear Unidades de Red" está deshabilitada, lo cual permite a atacantes remotos evitar el control de los antivirus. • http://secunia.com/advisories/20858 http://securitytracker.com/id?1016400 http://securitytracker.com/id?1016401 http://www.f-secure.com/security/fsc-2006-4.shtml http://www.osvdb.org/26876 http://www.securityfocus.com/bid/18693 http://www.vupen.com/english/advisories/2006/2573 https://exchange.xforce.ibmcloud.com/vulnerabilities/27502 •
CVSS: 7.6EPSS: 5%CPEs: 5EXPL: 0CVE-2006-2838
https://notcve.org/view.php?id=CVE-2006-2838
Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. • http://secunia.com/advisories/20407 http://securitytracker.com/id?1016196 http://securitytracker.com/id?1016197 http://www.f-secure.com/security/fsc-2006-3.shtml http://www.vupen.com/english/advisories/2006/2076 https://exchange.xforce.ibmcloud.com/vulnerabilities/26799 •
CVSS: 6.5EPSS: 1%CPEs: 22EXPL: 0CVE-2006-0705
https://notcve.org/view.php?id=CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command. • http://marc.info/?l=bugtraq&m=120654385125315&w=2 http://secunia.com/advisories/18828 http://secunia.com/advisories/18843 http://secunia.com/advisories/24516 http://secunia.com/advisories/29552 http://security.gentoo.org/glsa/glsa-200703-13.xml http://securitytracker.com/id?1015619 http://support.wrq.com/techdocs/1882.html http://www.kb.cert.org/vuls/id/419241 http://www.securityfocus.com/bid/16625 http://www.securityfocus.com/bid/16640 http://www.vupen.com&# • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 1%CPEs: 54EXPL: 0CVE-2006-0338
https://notcve.org/view.php?id=CVE-2006-0338
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. • http://secunia.com/advisories/18529 http://securitytracker.com/id?1015507 http://securitytracker.com/id?1015508 http://securitytracker.com/id?1015509 http://securitytracker.com/id?1015510 http://www.ciac.org/ciac/bulletins/q-103.shtml http://www.f-secure.com/security/fsc-2006-1.shtml http://www.osvdb.org/22633 http://www.securityfocus.com/bid/16309 http://www.vupen.com/english/advisories/2006/0257 https://exchange.xforce.ibmcloud.com/vulnerabilities/24199 •
CVSS: 7.5EPSS: 17%CPEs: 63EXPL: 0CVE-2006-0337
https://notcve.org/view.php?id=CVE-2006-0337
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. • http://secunia.com/advisories/18529 http://securitytracker.com/id?1015507 http://securitytracker.com/id?1015508 http://securitytracker.com/id?1015509 http://securitytracker.com/id?1015510 http://www.ciac.org/ciac/bulletins/q-103.shtml http://www.f-secure.com/security/fsc-2006-1.shtml http://www.osvdb.org/22632 http://www.securityfocus.com/bid/16309 http://www.vupen.com/english/advisories/2006/0257 https://exchange.xforce.ibmcloud.com/vulnerabilities/24198 •